deutscheroestereien.de Open in urlscan Pro
2a09:8280:1::15:5fcb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://deutscheroestereien.de/
Submission: On September 10 via automatic, source certstream-suspicious (September 10th 2023, 9:05:34 am UTC) — Scanned from DE

Summary HTTP 11 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 2a09:8280:1::15:5fcb, located in United States and belongs to FLY, US. The main domain is deutscheroestereien.de.
TLS certificate: Issued by R3 on September 10th 2023. Valid for: 3 months.

This is the only time deutscheroestereien.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a09:8280:1::... 2a09:8280:1::15:5fcb	40509 (FLY) (FLY)
2	217.229.170.93 217.229.170.93	3320 (DTAG Inte...) (DTAG Internet service provider operations)
1	52.222.206.6 52.222.206.6	16509 (AMAZON-02) (AMAZON-02)
11	3

8 2a09:8280:1::15:5fcb (United States)

ASN40509 (FLY, US)

deutscheroestereien.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.229.170.93 (Asperg, Germany)

ASN3320 (DTAG Internet service provider operations, DE)
PTR: pd9e5aa5d.dip0.t-ipconnect.de

plausible.home.juli.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-6.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	deutscheroestereien.de deutscheroestereien.de	28 KB
2	juli.sh plausible.home.juli.sh	2 KB
1	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3035	21 KB
11	3

	Domain	Requested by
8	deutscheroestereien.de	deutscheroestereien.de
2	plausible.home.juli.sh	deutscheroestereien.de plausible.home.juli.sh
1	cdn.amplitude.com	deutscheroestereien.de
11	3

This site contains links to these domains. Also see Links.

Domain
github.com
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
deutscheroestereien.de R3	`2023-09-10` - `2023-12-09`	3 months	crt.sh
plausible.home.juli.sh R3	`2023-07-24` - `2023-10-22`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M01	`2023-01-12` - `2024-02-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://deutscheroestereien.de/
Frame ID: E6ACACBD25EFFCF104DDE90E6B7BBCC8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kaffeeroesterei

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Page Statistics

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

51 kB
Transfer

148 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/ihrewebadresse/kaffeewelt#readme
Title: README

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/julian-beck/

Search URL Search Domain Scan URL

URL: https://twitter.com/julianfbeck

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
deutscheroestereien.de/ 16 KB
9 KB 250ms
42ms Document
text/html 2a09:8280:1::15:5fcb
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://deutscheroestereien.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::15:5fcb , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/6c8f1b54 (2023-09-07) /
Resource Hash: 41692b2e117563e9db571ed0ecde50afdb7640b17d9e3d1eef65c70607ebfb6b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 10 Sep 2023 09:05:29 GMT
fly-request-id: 01H9Z5DGR8KG0CG68P1WB5MYR8-fra
server: Fly/6c8f1b54 (2023-09-07)
via: 2 fly.io

GET
H2 200 script.js Show response
plausible.home.juli.sh/js/ 1 KB
1 KB 158ms
30ms Script
application/javascript 217.229.170.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.home.juli.sh/js/script.js

Requested by

Host: deutscheroestereien.de
URL: https://deutscheroestereien.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.229.170.93 Asperg, Germany, ASN3320 (DTAG Internet service provider operations, DE),

Reverse DNS

pd9e5aa5d.dip0.t-ipconnect.de

Software

Cowboy /

Resource Hash

ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deutscheroestereien.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 09:05:30 GMT
x-content-type-options: nosniff
server: Cowboy
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 1321

GET
H2 200 toggle-theme.js Show response
deutscheroestereien.de/ 1 KB
953 B 26ms
26ms Script
application/javascript 2a09:8280:1::15:5fcb
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://deutscheroestereien.de/toggle-theme.js
Requested by: Host: deutscheroestereien.de
URL: https://deutscheroestereien.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::15:5fcb , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/6c8f1b54 (2023-09-07) /
Resource Hash: a0181c406fc205da689dd9627638ba0cad1eabecfb0e4fc7e4354f95d71aa7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deutscheroestereien.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 09:05:29 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Thu, 07 Sep 2023 15:41:58 GMT
server: Fly/6c8f1b54 (2023-09-07)
fly-request-id: 01H9Z5DGSZAMJVNHVERCB9WN05-fra
etag: W/"5b9-18a704ea970"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 404.3b571b26.css
deutscheroestereien.de/_astro/ 22 KB
7 KB 26ms
25ms Stylesheet
text/css 2a09:8280:1::15:5fcb
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://deutscheroestereien.de/_astro/404.3b571b26.css
Requested by: Host: deutscheroestereien.de
URL: https://deutscheroestereien.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::15:5fcb , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/6c8f1b54 (2023-09-07) /
Resource Hash: 3b571b26c756f7e42fffda9aeb2fc8df7ed1a44d442f9ec5b75dbdad372dbef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deutscheroestereien.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 09:05:29 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Thu, 07 Sep 2023 15:41:56 GMT
server: Fly/6c8f1b54 (2023-09-07)
fly-request-id: 01H9Z5DGSZF33EX69BEJ23SS9K-fra
etag: W/"59dd-18a704ea1a0"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 about.8544169f.css
deutscheroestereien.de/_astro/ 29 KB
8 KB 25ms
24ms Stylesheet
text/css 2a09:8280:1::15:5fcb
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://deutscheroestereien.de/_astro/about.8544169f.css
Requested by: Host: deutscheroestereien.de
URL: https://deutscheroestereien.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::15:5fcb , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/6c8f1b54 (2023-09-07) /
Resource Hash: 8544169f51f3da93445b2708604be9654394aaa065732ce1d35f1d114e45f4f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deutscheroestereien.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 09:05:29 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Thu, 07 Sep 2023 15:41:56 GMT
server: Fly/6c8f1b54 (2023-09-07)
fly-request-id: 01H9Z5DGT05E7JP29X6NBK16ZR-fra
etag: W/"75dd-18a704ea1a0"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 about.9adfc567.css
deutscheroestereien.de/_astro/ 7 KB
2 KB 31ms
30ms Stylesheet
text/css 2a09:8280:1::15:5fcb
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://deutscheroestereien.de/_astro/about.9adfc567.css
Requested by: Host: deutscheroestereien.de
URL: https://deutscheroestereien.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::15:5fcb , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/6c8f1b54 (2023-09-07) /
Resource Hash: 9adfc567f4af5913667a775f5ea0ddc564a7516d65d0ea1317465d2ec867adb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deutscheroestereien.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 09:05:29 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Thu, 07 Sep 2023 15:41:56 GMT
server: Fly/6c8f1b54 (2023-09-07)
fly-request-id: 01H9Z5DGT0MW5NHQ63GW9PQFG2-fra
etag: W/"1de9-18a704ea1a0"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 index.2621795c.css
deutscheroestereien.de/_astro/ 2 KB
757 B 28ms
27ms Stylesheet
text/css 2a09:8280:1::15:5fcb
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://deutscheroestereien.de/_astro/index.2621795c.css
Requested by: Host: deutscheroestereien.de
URL: https://deutscheroestereien.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::15:5fcb , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/6c8f1b54 (2023-09-07) /
Resource Hash: 2621795caf7023da754119a9bc0e9eb1140c410e54efff806eeb9d3acce68449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deutscheroestereien.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 09:05:29 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Thu, 07 Sep 2023 15:41:56 GMT
server: Fly/6c8f1b54 (2023-09-07)
fly-request-id: 01H9Z5DGT0MG1RYCP9QKFHPB6N-fra
etag: W/"7ec-18a704ea1a0"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 hoisted.f67eaad1.js Show response
deutscheroestereien.de/_astro/ 2 KB
1 KB 31ms
31ms Script
application/javascript 2a09:8280:1::15:5fcb
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://deutscheroestereien.de/_astro/hoisted.f67eaad1.js
Requested by: Host: deutscheroestereien.de
URL: https://deutscheroestereien.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::15:5fcb , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/6c8f1b54 (2023-09-07) /
Resource Hash: a16c772114b1fe33b65da028d5b354c3617eac380010a5b871259e21b8346738

Request headers

Referer: https://deutscheroestereien.de/
Origin: https://deutscheroestereien.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 09:05:29 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Thu, 07 Sep 2023 15:41:58 GMT
server: Fly/6c8f1b54 (2023-09-07)
fly-request-id: 01H9Z5DGT0D5CK9X7RNXRAVSXB-fra
etag: W/"700-18a704ea970"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 hoisted.eec05685.js Show response
deutscheroestereien.de/_astro/ 388 B
381 B 22ms
22ms Script
application/javascript 2a09:8280:1::15:5fcb
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://deutscheroestereien.de/_astro/hoisted.eec05685.js
Requested by: Host: deutscheroestereien.de
URL: https://deutscheroestereien.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::15:5fcb , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/6c8f1b54 (2023-09-07) /
Resource Hash: fb4aca6d90b2981f0d399dfd2fa2fb7020388c3da4df47ea7b2d4d3e343d2f90

Request headers

Referer: https://deutscheroestereien.de/_astro/hoisted.f67eaad1.js
Origin: https://deutscheroestereien.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 09:05:30 GMT
content-encoding: gzip
via: 2 fly.io
last-modified: Thu, 07 Sep 2023 15:41:58 GMT
server: Fly/6c8f1b54 (2023-09-07)
fly-request-id: 01H9Z5DGX6YR8D1XBXC9G59FGR-fra
etag: W/"184-18a704ea970"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

POST
H2 202 event Show response
plausible.home.juli.sh/api/ 2 B
205 B 141ms
73ms XHR
text/plain 217.229.170.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.home.juli.sh/api/event
Requested by: Host: plausible.home.juli.sh
URL: https://plausible.home.juli.sh/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.229.170.93 Asperg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9e5aa5d.dip0.t-ipconnect.de
Software: Cowboy /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://deutscheroestereien.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Sep 2023 09:05:30 GMT
server: Cowboy
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 2
x-request-id: F4N-R3C3UWz8w_sAACPh

GET
H2 200 analytics-browser-1.5.1-min.js.gz Show response
cdn.amplitude.com/libs/ 66 KB
21 KB 667ms
627ms Script
application/javascript 52.222.206.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/analytics-browser-1.5.1-min.js.gz
Requested by: Host: deutscheroestereien.de
URL: https://deutscheroestereien.de/_astro/hoisted.f67eaad1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ff966fded4dc13ebce0d83e6876a50cf089899e4dcbf234e04e40590731ffe5

Request headers

Referer: https://deutscheroestereien.de/
Origin: https://deutscheroestereien.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 09:05:31 GMT
content-encoding: gzip
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-amz-version-id: dpreDq_9yFwV0L7tIymnrx6A_rwY2HPB
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 21102
last-modified: Wed, 28 Sep 2022 18:17:03 GMT
server: AmazonS3
etag: "880c1d91f21fd30b4fa59335505a396e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: juGkMm_5KHG9d5yk1EtrvbAhH_suDMwfpjWTpMTeT4B_LJYjfuthtA==

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.amplitude.com
deutscheroestereien.de
plausible.home.juli.sh
217.229.170.93
2a09:8280:1::15:5fcb
52.222.206.6
1ff966fded4dc13ebce0d83e6876a50cf089899e4dcbf234e04e40590731ffe5
2621795caf7023da754119a9bc0e9eb1140c410e54efff806eeb9d3acce68449
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3b571b26c756f7e42fffda9aeb2fc8df7ed1a44d442f9ec5b75dbdad372dbef7
41692b2e117563e9db571ed0ecde50afdb7640b17d9e3d1eef65c70607ebfb6b
8544169f51f3da93445b2708604be9654394aaa065732ce1d35f1d114e45f4f6
9adfc567f4af5913667a775f5ea0ddc564a7516d65d0ea1317465d2ec867adb2
a0181c406fc205da689dd9627638ba0cad1eabecfb0e4fc7e4354f95d71aa7a3
a16c772114b1fe33b65da028d5b354c3617eac380010a5b871259e21b8346738
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
fb4aca6d90b2981f0d399dfd2fa2fb7020388c3da4df47ea7b2d4d3e343d2f90

deutscheroestereien.de Open in urlscan Pro 2a09:8280:1::15:5fcb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

51 kBTransfer

148 kBSize

0 Cookies

3 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

deutscheroestereien.de Open in urlscan Pro
2a09:8280:1::15:5fcb Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

51 kB
Transfer

148 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions